Safeguarding Audits

For Payment Institutions and Emoney Firms in the UK and Europe.

Are Safeguarding Audits mandatory for Payment Institutions and Emoney Firms?

  • Yes,  regulated Payment and Emoney institutions are legally obliged to safeguard the funds that they hold on behalf of their clients: the “relevant funds”.
  • Furthermore,  institutions are required to have effective risk management procedures, adequate internal control mechanisms and to maintain relevant records; all with the aim of reducing the risk of the loss or diminution of relevant funds through fraud, misuse, negligence or poor administration.
  • A key element of the above stipulations is the requirement for an institution to have an annual audit, conducted by a third party, on their safeguarding systems and controls.
  • This was reinforced in July 2020, when the FCA issued additional guidance on safeguarding, where they stated, “…we expect the firm to arrange specific annual audits of its compliance with the safeguarding requirements under the PSRs/EMRs
Safeguarding Audits AuthoriPay
Safeguarding Audits AuthoriPay

What does a safeguarding audit look at?

AuthoriPay helps institutions to meet their obligations by providing a comprehensive safeguarding audit, which assesses all aspects of the safeguarding requirements, including:

  • Governance and oversight
  • Implementation of safeguarding methods
  • Systems and Controls
  • Reconciliation processes
  • Preparedness for insolvency; including wind down planning

Recommendations of alternative banking providers for:

  1. Additional Currencies
  2. Lower Fees
  3. Alternative Payment Networks e.g. SEPA, FEDWIRE
  4. Higher-risk appetite e.g. Crypto, Gaming.
  5. As a backup in case of account closure, particularly for remittance firms working in high risk regions / corridors.

“…we expect the firm to arrange specific annual audits of its compliance with the safeguarding requirements under the PSRs/EMRs.”    Financial Conduct Authority – July 2020.

Our audits cover all of the FCA’s expectations on safeguarding, which are set out in:

Chapter 10 of the Approach Document

The letter dated December 2019 to firms’ CEOs

The FCA’s additional guidance published in July 2020

Does a Safeguarding audit involve a visit?

Given the new normal of Covid-19. We provide two options:

b

Remote Audit

b

Remote Audit followed by Onsite Review

Our approach is as follows:

  • A questionnaire is sent to the auditee, to complete and return (along with any requested documentation)to AuthoriPay.
  • This will be used for a desktop review of the safeguarding controls.
  • An onsite audit to examine first-hand the firm’s operations (this is only applicable for option number 2).
  • Write up an initial report of our findings.
  • Once the initial report has been issued, Authoripay will allow time for the auditee to provide their feedback and make any amendments as may be necessary until a final audit report can be produced.
Safeguarding Audits AuthoriPay

Approximate timescales from start to finish are 1-2 weeks for Remote service and 2-3 weeks for onsite.

Why choose AuthoriPay?

  • We are an established and well-regarded consultancy with highly qualified staff. AuthoriPay has significant specialist experience in auditing compliance with the safeguarding requirements under the PSRs/EMRs. All Auditors are approved members of the International Compliance Association and the APCC.
  • Our auditing standard is to ISAE 3000 (assurance engagements other than audits or reviews of historical financial information). We provide official ‘type 2’ opinions on the auditee’s compliance with safeguarding requirements and the sufficiency of the design and operating effectiveness of controls as at the time of producing the final report
  • Throughout our audits we will always take into consideration the size and complexity of the auditee’s business and aim to:
    1. Assess the quality of the firm’s existing safeguarding controls
    2. Identify gaps where they exist
    3. Make recommendations for practical steps to be taken to close those gaps

  • AuthoriPay has a very quick turnaround time and highly competitive fees

How much does a Safeguarding audit cost?

Our remote service costs £4000 for a one-off audit including free introductions to alternative banking partners where applicable. Some clients have saved £70K in one year through our introductions to alternative banking providers. Clients who use our ongoing services benefit from lower audit costs and ongoing updates of new technology, liquidity and banking solutions.

Get in touch

    AuthoriPay Ltd, Milton Hall,  Ely Road, Cambridge,   CB24 6WZ